|
|
Posted by Sanders Kaufman on 01/31/07 23:49
Nu wrote:
> I want to protect myself from if someone with a fast connection hammers my
> site. It's not denial of service attacks, but offline downloaders (of course
> that don't show they're offline downloaders in the useragent so I can't
> filter them by that). My main issue is my site is PHP so if they hammer it,
> it gets all the PHP files executing and overwhelms the CPU. I'd like to be
> able to after a certain amount of hits on my index.php per second, so just
> refuse.
>
> I can't find how to do that. Can it be done in PHP, htaccess, etc.
>
> Any ideas?
Can't be done. You cannot control what other people on the web
do. You can only control how you react.
Any measure you take against the dishonest folks, you also take
against the honest ones. To that end, there are services out
there who will gladly charge you thousands of dollars to sell
you service packages for several thousand per month. And some
of those might even help to track down your abusive user.
But your best bet is to just make sure you have capacity to
handle peak loads, and that overloaded systems throttle down
gracefully.
[Back to original message]
|